package org.figuramc.figura.backend2.trust;

import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Collections;
import java.util.Map;
import java.util.stream.Collectors;
import javax.net.ssl.SSLContext;
import net.minecraft.client.multiplayer.ServerAddress;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.ssl.PrivateKeyStrategy;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.impl.client.HttpClients;
import org.figuramc.com.neovisionaries.ws.client.WebSocket;
import org.figuramc.com.neovisionaries.ws.client.WebSocketError;
import org.figuramc.com.neovisionaries.ws.client.WebSocketException;
import org.figuramc.com.neovisionaries.ws.client.WebSocketExtension;
import org.figuramc.com.neovisionaries.ws.client.WebSocketFactory;
import org.figuramc.figura.FiguraMod;
import org.figuramc.figura.backend2.NetworkStuff;
import org.figuramc.figura.backend2.websocket.FiguraWebSocketAdapter;
import org.figuramc.figura.config.Configs;
import org.figuramc.figura.utils.PlatformUtils;

/* loaded from: input_file:org/figuramc/figura/backend2/trust/KeyStoreHelper.class */
public class KeyStoreHelper {
    private static final char[] password = "figuramc".toCharArray();

    public static HttpClient httpClientWithBackendCertificates() {
        FiguraMod.LOGGER.info("Initializing custom http client");
        try {
            KeyStore keyStore = getKeyStore();
            SSLContextBuilder custom = SSLContexts.custom();
            custom.loadKeyMaterial(keyStore, password, (PrivateKeyStrategy) null);
            custom.loadTrustMaterial(keyStore);
            return HttpClients.custom().setSslcontext(custom.build()).build();
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            FiguraMod.LOGGER.error("Failed to load in the backend's certificates during http client creation!", e);
            return HttpClients.createDefault();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static WebSocket websocketWithBackendCertificates(String str) throws WebSocketException {
        FiguraMod.LOGGER.info("Initializing custom websocket");
        try {
            KeyStore keyStore = getKeyStore();
            WebSocketFactory webSocketFactory = new WebSocketFactory();
            SSLContextBuilder custom = SSLContexts.custom();
            custom.useProtocol("TLSv1.2");
            custom.loadKeyMaterial(keyStore, password);
            custom.loadTrustMaterial(keyStore);
            SSLContext build = custom.build();
            webSocketFactory.setSocketFactory(build.getSocketFactory());
            webSocketFactory.setSSLSocketFactory(build.getSocketFactory());
            webSocketFactory.setSSLContext(build);
            webSocketFactory.setServerName(ServerAddress.func_78860_a((String) Configs.SERVER_IP.value).func_78861_a());
            WebSocket createSocket = webSocketFactory.createSocket(FiguraWebSocketAdapter.getBackendAddress());
            createSocket.addListener(new FiguraWebSocketAdapter(str));
            createSocket.removeProtocol("TLSv1");
            createSocket.removeProtocol("TLSv1.1");
            createSocket.clearProtocols();
            createSocket.addProtocol("TLSv1.2");
            createSocket.addExtension(WebSocketExtension.PERMESSAGE_DEFLATE);
            return createSocket;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            FiguraMod.LOGGER.error("Failed to load in the backend's certificates during Websocket creation!", e);
            NetworkStuff.disconnect("Failed to load certificates for the backend :c");
            throw new WebSocketException(WebSocketError.SOCKET_CONNECT_ERROR);
        }
    }

    private static KeyStore getKeyStore() throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(Files.newInputStream(Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts"), new OpenOption[0]), "changeit".toCharArray());
        Map map = (Map) Collections.list(keyStore.aliases()).stream().collect(Collectors.toMap(str -> {
            return str;
        }, str2 -> {
            try {
                return keyStore.getCertificate(str2);
            } catch (KeyStoreException e) {
                FiguraMod.LOGGER.error("Could not find default certificates!", e);
                return null;
            }
        }));
        InputStream loadFileFromRoot = PlatformUtils.loadFileFromRoot("figurakeystore.jks");
        KeyStore keyStore2 = KeyStore.getInstance("JKS");
        keyStore2.load(loadFileFromRoot, password);
        if (loadFileFromRoot != null) {
            loadFileFromRoot.close();
        }
        Map map2 = (Map) Collections.list(keyStore2.aliases()).stream().collect(Collectors.toMap(str3 -> {
            return str3;
        }, str4 -> {
            try {
                return keyStore2.getCertificate(str4);
            } catch (KeyStoreException e) {
                FiguraMod.LOGGER.error("Could not find default certificates!", e);
                return null;
            }
        }));
        KeyStore keyStore3 = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore3.load(null, new char[0]);
        for (Map.Entry entry : map.entrySet()) {
            keyStore3.setCertificateEntry((String) entry.getKey(), (Certificate) entry.getValue());
        }
        for (Map.Entry entry2 : map2.entrySet()) {
            keyStore3.setCertificateEntry((String) entry2.getKey(), (Certificate) entry2.getValue());
        }
        return keyStore3;
    }
}
